These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
 

Google Script to get access_token and fetch citadel market orders
Author
Previous Topic Next Topic
Fat Buddah
Federal Navy Academy
Gallente Federation
#1 - 2017-02-22 09:36:57 UTC  |  Edited by: Fat Buddah
Hello,

After reading and commenting this thread I thought I'd give it a go though I've never worked with the Google Script stuff.

Below is what I wrote after reading Google's documentation about calling external services. It sends my refresh token, gets the refreshed access token, and fetches the market orders from a citadel using the refreshed access token.

Basically I inserted this into the very popular importJSON Google script (modified to call the below function instead of calling UrlFetchApp).
Although it works OK and populates my spreadsheet with nice data, I'm worried about few things:

1. What is the best approach to prevent my sheet from spamming CCP's oauth server asking for a refreshed access token? (for example, if I refresh my sheet very quickly for some reasons)

2. Obviously I have registered to the dev site and have the authorisation code as well as the refresh token for one of my toons. But they were obtained through another method, not Google script.
My question is: is it OK to make authorisation requests from Google sheet, not from the callback URL domain saved in the app I registered with? ...Or... is it OK to make authorisation calls from Google sheet in the first place?

Thank you and fly safe!

Here's the Google script


function getESIData(structureID, page) {

//sends refresh token and gets a refreshed acess token
var refreshurl = 'https://login.eveonline.com/oauth/token?'
    + 'grant_type=refresh_token'
    + '&refresh_token=REFRESHTOKEN';

var headers = {
    'Authorization': 'Basic AUTHORIZATIONCODE] ',
    'Content-Type': 'application/x-www-form-urlencoded',
    };
var options = {
    'method': 'post',
    'headers': headers,
    };
var response = UrlFetchApp.fetch(refreshurl, options);

var refresh_raw = response.getContentText();
var refresh_parse = JSON.parse(refresh_raw);
var acess_token = refresh_parse['access_token'];


//getting the esi citadel market data with the refreshed access token
var esi_url = 'https://esi.tech.ccp.is/latest/markets/structures/'+structureID+'/?page='+page+'&datasource=tranquility';

var esi_headers = {
    'Authorization': 'Bearer '+auth_token,
    'Accept': 'application/json'
     };
var esi_options = {
    'method': 'GET',
    'headers': esi_headers,
    };

var esi_response = UrlFetchApp.fetch(esi_url, esi_options);
//var esi_raw = esi_response.getContentText();
//var esi_parse = JSON.parse(esi_raw);

return esi_response;

//after this I pump return into the popular importJSON script for filling the spreadsheet
}
YeuxVerts Belle
Royal Amarr Institute
Amarr Empire
#2 - 2017-02-22 11:44:22 UTC
Fat Buddah wrote:
1. What is the best approach to prevent my sheet from spamming CCP's oauth server asking for a refreshed access token? (for example, if I refresh my sheet very quickly for some reasons)


I don't know, so i won't answer.

Fat Buddah wrote:
2. Obviously I have registered to the dev site and have the authorisation code as well as the refresh token for one of my toons. But they were obtained through another method, not Google script.
My question is: is it OK to make authorisation requests from Google sheet, not from the callback URL domain saved in the app I registered with? ...Or... is it OK to make authorisation calls from Google sheet in the first place?


I'm using localhost as my callback address, because i'm using an batch application and not an online one and thus i have no use for that address. The callback is something for you to use, not them.
In short, 2. yes it's OK.

The above message presents my opinions on the topic at hand. If there is a conflict between my views and reality, consider reality to be correct until proven otherwise.